CVE-2018-14847 PoC — Winbox for MikroTik RouterOS 安全漏洞

Source

Associated Vulnerability

Title:Winbox for MikroTik RouterOS 安全漏洞 (CVE-2018-14847)
Description:MikroTik RouterOS是一套路由操作系统。Winbox for MikroTik RouterOS是一个用于管理MikroTik RouterOS系统的应用程序。 Winbox for MikroTik RouterOS 6.42及之前版本中存在安全漏洞。远程攻击者可通过修改请求利用该漏洞绕过身份验证并读取任意文件。

Description

Automated version of CVE-2018-14847 (MikroTik Exploit)

Readme

# MikroRoot
Automated version of CVE-2018-14847. It will scrape shodan for vulnerable host and then try to exploit them.

# How to use      
Note that this script will NOT run with Python2.x. Use only Python 3+       

MikroRoot:        
`python3 MikroRoot.py -k SHODAN_KEY -p page count`           
`User: ncss`        
`Pass: ncss!@#2018`     
`IP: 1.2.3.4`         

# Arguments       
**-p** page count to scrape       
**-k** Shodan key       
        
# Author of exploit    
**https://github.com/BasuCert/WinboxPoC**

File Snapshot


 [4.0K]  /data/pocs/6ffff834778572f01b74779204d4a9c81f3e3b5c
├── [1.4K]  extract_user.py
├── [2.4K]  MikroRoot.py
└── [ 527]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!